Filtered by vendor Lg
Subscribe
Search
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23727 | 1 Lg | 1 Webos | 2022-02-03 | 4.6 MEDIUM | 7.8 HIGH |
| There is a privilege escalation vulnerability in some webOS TVs. Due to wrong setting environments, local attacker is able to perform specific operation to exploit this vulnerability. Exploitation may cause the attacker to obtain a higher privilege | |||||
| CVE-2019-20769 | 1 Lg | 2 G3, Pc Suite | 2021-07-21 | 4.4 MEDIUM | 7.8 HIGH |
| An issue was discovered in LG PC Suite for LG G3 and earlier (aka LG PC Suite v5.3.27 and earlier). DLL Hijacking can occur via a Trojan horse DLL in the current working directory. The LG ID is LVE-MOT-190001 (November 2019). | |||||
| CVE-2019-7404 | 1 Lg | 6 Gamp-7100, Gamp-7100 Firmware, Gapm-7200 and 3 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated user can read a log file via an HTTP request containing its full pathname, such as http://192.168.0.1/var/gapm7100_${today's_date}.log for reading a filename such as gapm7100_190101.log. | |||||
| CVE-2019-20781 | 1 Lg | 1 Bridge | 2021-07-21 | 4.4 MEDIUM | 7.8 HIGH |
| An issue was discovered in LG Bridge before April 2019 on Windows. DLL Hijacking can occur. | |||||
| CVE-2018-16706 | 1 Lg | 1 Supersign Cms | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080. | |||||
| CVE-2020-13842 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2020-06-11 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). A dangerous AT command was made available even though it is unused. The LG ID is LVE-SMP-200010 (June 2020). | |||||
| CVE-2013-3685 | 2 Lg, Spritesoftware | 45 E971, E973, E975 and 42 more | 2020-02-19 | 6.9 MEDIUM | 7.0 HIGH |
| A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges. | |||||
| CVE-2018-16946 | 1 Lg | 36 Lnb5110, Lnb5110 Firmware, Lnb5320 and 33 more | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. Attackers are able to download /updownload/t.report (aka Log & Report) files and download backup files (via download.php) without authenticating. These backup files contain user credentials and configuration information for the camera device. An attacker is able to discover the backup filename via reading the system logs or report data, or just by brute-forcing the backup filename pattern. It may be possible to authenticate to the admin account with the admin password. | |||||
| CVE-2019-8372 | 1 Lg | 1 Lha.sys | 2019-02-26 | 6.9 MEDIUM | 7.0 HIGH |
| The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link and an open DACL. | |||||
| CVE-2018-16288 | 1 Lg | 1 Supersign Cms | 2018-11-07 | 7.8 HIGH | 8.6 HIGH |
| LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs. | |||||
| CVE-2014-0997 | 4 Google, Lg, Motorola and 1 more | 6 Android, Nexus 4, Nexus 5 and 3 more | 2018-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame. | |||||